diff options
| author | danmcd <none@none> | 2006-11-03 07:10:24 -0800 |
|---|---|---|
| committer | danmcd <none@none> | 2006-11-03 07:10:24 -0800 |
| commit | 8810c16b934a2ad4f27aa86f95b0e8cec1c6ea46 (patch) | |
| tree | b060777b6bcb665ca262b8638583dae4db926d0a /usr/src/lib/libipsecutil/common/ipsec_util.h | |
| parent | 4eb9b328fcc1572ae335b557b22de5a937c5cff4 (diff) | |
| download | illumos-gate-8810c16b934a2ad4f27aa86f95b0e8cec1c6ea46.tar.gz | |
PSARC 2005/516 IPsec Tunnel Reform
4882852 tunnels vs. inverse acquire.
4970365 Support of ESP tunnel mode within Solaris
5027528 in.iked should be more intelligent about tunnel addresses
6180161 need to support multiple tunnels to a single nat
6208976 ipsecconf error messages make me think there are monsters under the bed
6313012 Clean up from removal of ipsec_inbound_debug_tag()
6351840 assertion failed: (ipha->ipha_protocol != 6) && (ipha->ipha_protocol != 17), ip.c, line: 15351
6359831 multicast tunnels don't get their IPsec policy checked.
6369094 ipseckey shouldn't accept/save-out encryption algorithm even it's none/any
6374560 ipseckey debug functions should be moved to libipsecutil
6374596 dump utilities need to be able to understand inner tunnel addresses and netmasks
6402781 Five dead declarations in IPsec code
6405338 spdsock leaks policy head references
6437366 NAT-OA payloads not processed early enough.
6465594 ipsec_policy_delete() uses wrong ipsec_selkey_t structure.
6467596 spdsock_ext_to_actvec() needs to reset "act" upon every SPD_ATTR_NEXT.
6470725 PF_POLICY shouldn't accept '0' for an algorithm value.
6475903 Outbound DROP rules are not enforced
6480815 INVERSE_ACQUIRE failures leak in in.iked
6482403 Race in in.iked, early door call vs. rest of initialization code
6482653 Don't accept UDP-encapsulated ESP on non-NAT SAs.
6487857 Post-ACQUIRE, AH+ESP packets misinitalized ipha/ip6
Diffstat (limited to 'usr/src/lib/libipsecutil/common/ipsec_util.h')
| -rw-r--r-- | usr/src/lib/libipsecutil/common/ipsec_util.h | 37 |
1 files changed, 36 insertions, 1 deletions
diff --git a/usr/src/lib/libipsecutil/common/ipsec_util.h b/usr/src/lib/libipsecutil/common/ipsec_util.h index 3e8876db93..cf4eaf9190 100644 --- a/usr/src/lib/libipsecutil/common/ipsec_util.h +++ b/usr/src/lib/libipsecutil/common/ipsec_util.h @@ -39,6 +39,9 @@ extern "C" { #include <sys/types.h> #include <sys/socket.h> +#include <net/pfkeyv2.h> +#include <netinet/in.h> +#include <inet/ip.h> #include <setjmp.h> #include <stdio.h> #include <err.h> @@ -109,7 +112,7 @@ extern void bail_msg(char *, ...); * take a FILE pointer. */ -extern int dump_sockaddr(struct sockaddr *, boolean_t, FILE *); +extern int dump_sockaddr(struct sockaddr *, uint8_t, boolean_t, FILE *); extern int dump_key(uint8_t *, uint_t, FILE *); @@ -172,6 +175,7 @@ extern boolean_t pflag; /* Paranoid w.r.t. printing keying material? */ extern boolean_t interactive; extern boolean_t readfile; extern uint_t lineno; +extern char numprint[NBUF_SIZE]; /* For error recovery in interactive or read-file mode. */ extern jmp_buf env; @@ -283,6 +287,37 @@ extern const char *spdsock_diag(int); /* PF_KEY (keysock) support functions */ extern const char *keysock_diag(int); +extern int in_masktoprefix(uint8_t *, boolean_t); + +/* SA support functions */ + +extern void print_diagnostic(FILE *, uint16_t); +extern void print_sadb_msg(struct sadb_msg *, time_t, boolean_t); +extern void print_sa(char *, struct sadb_sa *); +extern void printsatime(int64_t, const char *, const char *, const char *, + boolean_t); +extern void print_lifetimes(time_t, struct sadb_lifetime *, + struct sadb_lifetime *, struct sadb_lifetime *, boolean_t vflag); +extern void print_address(char *, struct sadb_address *); +extern void print_key(char *, struct sadb_key *); +extern void print_ident(char *, struct sadb_ident *); +extern void print_sens(char *, struct sadb_sens *); +extern void print_prop(char *, struct sadb_prop *); +extern void print_eprop(char *, struct sadb_prop *); +extern void print_supp(char *, struct sadb_supported *); +extern void print_spirange(char *, struct sadb_spirange *); +extern void print_kmc(char *, struct sadb_x_kmc *); +extern void print_samsg(uint64_t *, boolean_t, boolean_t); +extern char *rparsesatype(int); +extern char *rparsealg(uint8_t, int); +extern char *rparseidtype(uint16_t); +extern boolean_t save_lifetime(struct sadb_lifetime *, FILE *); +extern boolean_t save_address(struct sadb_address *, FILE *); +extern boolean_t save_key(struct sadb_key *, FILE *); +extern boolean_t save_ident(struct sadb_ident *, FILE *); +extern void save_assoc(uint64_t *, FILE *); +extern FILE *opensavefile(char *); +extern const char *do_inet_ntop(const void *, char *, size_t); #ifdef __cplusplus } |